{"id":13587900,"url":"https://github.com/lstellway/self-signed-ssl","last_synced_at":"2025-04-07T07:18:12.904Z","repository":{"id":47711524,"uuid":"103597118","full_name":"lstellway/self-signed-ssl","owner":"lstellway","description":"Generate self-signed TLS certificate using OpenSSL","archived":false,"fork":false,"pushed_at":"2021-10-01T15:27:22.000Z","size":379,"stargazers_count":278,"open_issues_count":7,"forks_count":79,"subscribers_count":8,"default_branch":"master","last_synced_at":"2024-02-14T21:59:18.305Z","etag":null,"topics":["bash-script","openssl","self-signed-certificate"],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/lstellway.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-09-15T00:56:47.000Z","updated_at":"2024-02-01T17:44:44.000Z","dependencies_parsed_at":"2022-08-28T09:11:25.525Z","dependency_job_id":null,"html_url":"https://github.com/lstellway/self-signed-ssl","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lstellway%2Fself-signed-ssl","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lstellway%2Fself-signed-ssl/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lstellway%2Fself-signed-ssl/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lstellway%2Fself-signed-ssl/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/lstellway","download_url":"https://codeload.github.com/lstellway/self-signed-ssl/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247608160,"owners_count":20965953,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bash-script","openssl","self-signed-certificate"],"created_at":"2024-08-01T15:06:24.978Z","updated_at":"2025-04-07T07:18:12.884Z","avatar_url":"https://github.com/lstellway.png","language":"Shell","funding_links":[],"categories":["Shell"],"sub_categories":[],"readme":"**ANNOUNCEMENT**\n\n\u003e I have released another PKI utility named [acert](https://github.com/lstellway/acert). \u003cbr /\u003e\n\u003e It is a Golang project and independent of OpenSSL. \u003cbr /\u003e\n\u003e Options, options... 🤔 \n\n\u003cbr /\u003e\n\n# Self Signed SSL\n\nThis script simplifies the creation of certificate authorities, signing requests and self-signed TLS certificates using OpenSSL.\n\n[Video Tutorial](https://www.youtube.com/watch?v=-6_u1dbGARg)\n\n[![Self-Signed SSL - Introduction Video](./.etc/thumbnail.gif)](https://www.youtube.com/watch?v=-6_u1dbGARg)\n\n\u003cbr /\u003e\n\n## Installation\n\n\u003cbr /\u003e\n\n**Homebrew (MacOS)**\n\n```\nbrew tap lstellway/formulae\nbrew install lstellway/formulae/self-signed-ssl\n```\n\n\u003cbr /\u003e\n\n**cURL**\n\n```\ncurl --output self-signed-ssl https://raw.githubusercontent.com/lstellway/self-signed-ssl/master/self-signed-ssl \u0026\u0026 chmod +x self-signed-ssl\n```\n\n\u003cbr /\u003e\n\n## Usage\n\n```shell\nself-signed-ssl [OPTIONS]\n\n# Run with no arguments to be prompted for required values\nself-signed-ssl\n\n# Only create a certificate authority and trust the generated certificate\nself-signed-ssl --ca-only --trust\n\n# Only create a certificate signing request\nself-signed-ssl --csr-only\n\n# Generate a signed certificate using existing files\nself-signed-ssl --ca='/path/to/CA.pem' --ca-key='/path/to/CA.key' --csr='/path/to/EXAMPLE.csr'\n\n# Automate certificate generation\nself-signed-ssl --no-interaction -c 'US' -s 'California' -l 'Los Angeles' -o 'Example Org' -u 'Example Unit' -n 'example.com' -a 'www.example.com'\n```\n\n\u003cbr /\u003e\n\n## Options\n\n\u003cbr /\u003e\n\n**General**\n\n| Option | Description |\n| ----------------------------- | ----------------------------------------------------------------------------------------------------- |\n| `-h` `--help` | Display help and exit |\n| `-v` `--version` | Display the script version and exit |\n| `-p VALUE` `--path=VALUE` | Path to output generated keys |\n| `-d VALUE` `--duration=VALUE` | Number of days the certificate is valid (default `365`) |\n| `-b VALUE` `--bits=VALUE` | Key size in bits (default `2048`) |\n| `--no-interaction` | Disables interactive prompts for unspecified variables. \u003cbr /\u003e_(OpenSSL may still prompt for values)_ |\n\n\u003cbr /\u003e\n\n**Certificate Authority**\n\n| Option | Description |\n| ---------------- | ----------------------------------------------------------------------------------------------------------------------------------------- |\n| `--ca=VALUE` | Path to certificate authority cert file \u003cbr /\u003e_(Generates new CA if not set)_ |\n| `--ca-key=VALUE` | Path to certificate authority key file \u003cbr/\u003e_(Generates new CA if not set)_ |\n| `--ca-only` | Instructs script to solely generate a certificate authority |\n| `--ca-ext` | Allow passing extensions to the CA request |\n| `-t` `--trust` | Flag to trust certificate authority _(requires `sudo` privileges)_\u003cbr /\u003e_(Currently supports Darwin/MacOS, Fedora/CentOS, Debian/Ubuntu)_ |\n\n\u003cbr /\u003e\n\n**Certificate Signing Request**\n\n| Option | Description |\n| ------------ | -------------------------------------------------------------------------------------------------- |\n| `--csr` | Path to certificate signing request \u003cbr /\u003e_(Generates new certificate signing request if not set)_ |\n| `--csr-only` | Instructs script to solely generate a certificate signing request |\n\n\u003cbr /\u003e\n\n**Certificate / Subject**\n\n| Option | Description |\n| --------------------------------- | ---------------------------------------------------------------------------------------------------- |\n| `--extfile=VALUE` | Path to file containing OpenSSL certificate extensions\u003cbr /\u003e_(Optional - generated if not provided)_ |\n| `-c VALUE` `--country=VALUE` | Country Name (2 letter code) |\n| `-s VALUE` `--state=VALUE` | State or Province Name (full name) |\n| `-l VALUE` `--locality=VALUE` | Locality Name (eg, city) |\n| `-o VALUE` `--organization=VALUE` | Organization Name (eg, company) |\n| `-u VALUE` `--unit=VALUE` | Organizational Unit Name (eg, section) |\n| `-n VALUE` `--common-name=VALUE` | Common Name (e.g. server FQDN or YOUR name) |\n| `-a VALUE` `--san=VALUE` | Comma-delimited list of subject alternative names _(Subdomains, etc..)_ |\n| `-e VALUE` `--email=VALUE` | Email Address |\n\n\u003cbr /\u003e\n\n## Resources\n\n- [OpenSSL 1.1.1 Manual](https://www.openssl.org/docs/man1.1.1/man1/)\n- [Issues / Feature Requests](https://github.com/lstellway/self-signed-ssl/issues)\n- [Mozilla SSL Configuration Generator](https://ssl-config.mozilla.org/)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flstellway%2Fself-signed-ssl","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flstellway%2Fself-signed-ssl","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flstellway%2Fself-signed-ssl/lists"}